Apple CEO Tim Cook is on the final leg of his tour of Isreal and Europe and has been speaking to UK publication The Telegraph about a range of things including Apple customers’ privacy and of all things, terrorism.

Known for his unusual stance on privacy – one which doesn’t jive with other high profile tech executives who are happy to share everything about you – Cook told the publication during an interview that he feels people’s information is being “trafficked around” in ways that they just don’t yet understand. Read More

As Apple CEO Tim Cook spoke at the President Obama’s Summit on Cybersecurity on Friday, the White House announced that Apple Pay will be enabled for federal payment cards, including Social Security and veterans benefits that are issued via debit cards.

The news represents a major vote of confidence for Apple Pay and Apple in general. While it shouldn’t be considered a proper endorsement from the White House, it is still a major win for Apple. Read More

Apple has enabled two-step verification for its FaceTime and iMessage services, The Guardian reported on Thursday. The move will force users who have the authentication system enabled to input an app-specific password when logging into either of the two services.

For those unfamiliar with the term, two-step verification is an opt-in system that adds an additional layer of security to Apple ID accounts. It requires users to input authentication codes when logging into iCloud on new devices, the web, and now iMessage and FaceTime. Read More

Yesterday, I stumbled upon an intriguing post over at The Loop which I felt raised a valid point about multi-user access in iOS, or the lack of.

It’s especially relevant in light of the fact that Android Lollipop enables multi-user support on phones.

Tablets, of course, have had this for nearly three years with Jelly Bean and up. Now, adding the ability to share your iPhone or iPad with someone else isn’t as trivial as it may appear at first sight as there are many technical hurdles to overcome.

On the other hand, can anyone imagine Apple not working on solving this pain point for its users? I mean, OS X supports multiple user accounts by design and iOS is basically a slimmed down version of OS X.

Anyways, is multi-user access one of those features the company should prioritize for the next major refresh of iOS, do you think? Read More

An unusual oversight in how OS X’s Spotlight feature handles privacy settings in Apple Mail leaves the door open to spammers, phishers and online tracking companies who can obtain private data such as your IP address, current operating system version, browser details and more, whenever an email message is previewed in Spotlight.

First discovered by German technology news site Heise, the bug takes advantage of a common information harvesting technique and a Mail setting which determines whether or not the program loads remote content in emails. Read More

Admittedly, Touch ID has popularized and mainstreamed biometric security on mobile devices using an impression made on a surface by the inner part of the top joint of a finger.

Having debuted on the iPhone 5s, Apple’s in-house sensor built into the Home button is based on a sophisticated technology by Israeli smart sensor maker AuthenTec, which the Cupertino firm snapped up in July of 2012 for a reported $356 million.

However, existing fingerprint-based security solutions could be easily bypassed by generating a fingerprint image from a series of photos of someone’s finger, no physical print necessary whatsoever, according to claims by Chaos Computer Club, Europe’s largest association of hackers.

As relayed by VentureBeat, the hackers have now successfully demonstrated a proof-of-concept by copying the thumbprint of German Defense Minister Ursula von der Leyen.

They used a close-up photograph of von der Leyen’s thumb, obtained during a news conference in October, along with photographs taken from different angles, said Jan Krissler aka “Starbug” at the 31st annual Chaos Computer Club convention in Hamburg, Germany. Read More

Twitter isn’t exactly a great example of what you’d call a privacy-minded online service with a wide-ranging set of comprehensive tools to prevent harassment and block poor souls who spew abuse at others.

And who could blame them? At its core, Twitter is about sharing quick thoughts with the web at large. Of course, Twitter over the years did roll out a bare minimum of reporting features.

Now Twitter’s privacy capabilities have gotten a tad better. Announced Tuesday, a sweeping update to Twitter’s existing reporting and blocking tools calls for simplified forms that mobile users can fill out with easy when reporting abuse, a change to blocking policy, a better web interface to manage blocked users and more.

AT&T told the Associated Press on Friday that it is no longer using permanent cookies to track its subscribers. In late October, security researchers discovered that the carrier, along with its competitor Verizon, were using unique identifying numbers or “perma-cookies” to track their customers online habits.

A spokesperson for AT&T said that the tracking practice was part of a pilot program to improve targeted marketing called “Relevant Advertising.” But it says that the experiment is over, and it has pulled the identifying numbers from their customers’ accounts, although it may still sell the data it’s collected. Read More

The US Federal Trade Commission is seeking assurances from Apple that it will prevent sensitive health data from being used without the users’ consent, reports Reuters. The outlet says Apple representatives have met with FTC officials multiple times in recent months to discuss the matter.

More specifically, the FTC wants to be sure that Apple will not sell health data collected by its upcoming smartwatch and other devices to third party marketers, or allow app developers to do so. It also wants to be sure proper measures are being taken to protect the data against malicious attacks. Read More

The Electronic Frontier Foundation (or EFF) has posted a new Secure Messaging Scorecard, which ranks popular messaging offerings based on their security measures. The Scorecard uses a variety of metrics, such as methods of encryption and user privacy, and Apple’s messaging options faired rather well.

While dedicated secure messaging apps like ChatSecure and CryptoCat scored the highest, the EFF found Apple’s iMessage and FaceTime systems to be “the best of the mass-market options.” The two services were found more secure than several high profile apps, including BlackBerry Messenger and Skype. Read More

Apple’s boss Tim Cook went to China to meet with a top Chinese government official in Beijing amid allegations of government-backed phishing attempts on users’ iCloud accounts, according to a report by the state-run Xinhua news agency, relayed by Reuters Wednesday.

The meeting coincides with reports by GreatFire.org, a Chinese web monitoring group, alleging that the Chinese government sponsored man-in-the-middle attacks that redirected local users to a fake iCloud.com login page in an effort to harvest Apple ID user names and passwords. Read More

Following a report Monday by Great Fire alleging that the government in China attempted to compromise the security of Apple’s users by redirecting local traffic to a fake iCloud.com login webpage, Apple on Tuesday confirmed it was aware of the phishing attempts and ensured its servers had not been compromised, according to a CNBC report.

The company also took additional steps in the form of a new support document which teaches unsuspecting users how to verify that their web browser is in fact securely connected to the genuine iCloud.com login page. Read More

The Chinese government is reportedly phishing iCloud credentials of millions of people by staging a so-called man-in-the-middle attack which redirects unsuspecting users to a spoofed webpage that appears shockingly similar to the real iCloud.com website, Great Fire reported Monday.

Fooled users who type in their username and password into the fake web form risk exposing their iMessage communications, photos, contacts, reminders, calendars and other personal information associated with their Apple ID to a third-party. The problem is further accentuated by the fact that the popular Chinese browser Qihoo does not warn users that they’re visiting a fake website. Read More

Already likened to a Whisper/Secret clone, the anonymous chatting app is expected to be released in the coming weeks, according to two people briefed on Facebook’s plans.

The software would mark a notable reversal for the social networking giant, which has more than a billion active accounts and whose business policy largely revolves around encouraging its customers to use their real name to identify themselves on the service. Read More

There’s a new trojan in town, one that attacks jailbroken iPhone, iPod touch and iPad devices.

As discovered by Lacoon, the malicious software dubbed Xsser mRAT uses social engineering to steal valuable data from jailbroken devices by fooling unsuspecting users to tap on an install link in phishing messages from unknown senders.

Created by Chinese hackers, it can extract a vast range of personal information including your iOS address book, SMS messages, call logs, GSM identities, your approximate geographical location (as determined by the cell tower ID), on-device pictures, as well as passwords and other authentication data in the iOS keychains used by your Apple ID, mail accounts and other services. Read More

QuickType, Apple’s new predictive keyboard featured on the iPhone, iPod touch and iPad devices running iOS 8, is reportedly plagued with a potentially dangerous oversight where the software would suggest parts of your passwords that you previously used on websites, as first reported by French-language blog iGen.fr [Google Translate].

A new thread on Apple’s Support Communities website includes a note by one user who reported the keyboard offering “OrangeJuice” as a suggestion each time he would type in “AppleUser” because QuickType remembered the “OrangeJuice!2” password he previously used to log in to Outlook Web App. Read More

The FBI is very concerned with the new privacy features Apple is touting in iOS 8, the organization’s director James Comey told The Huffington Post on Thursday. In particular, he’s concerned the company is marketing something “expressly to allow people to place themselves above the law.”

Comey’s remarks follow Apple’s move last week to be more transparent and informative about its user privacy policies. In a new webpage on the topic, the Cupertino firm said it no longer stores encryption keys for devices running iOS 8, meaning it can’t bypass pass codes—even under subpoena. Read More

A string of bad news for Apple continues with a revelation published Thursday on The Daily Dot that London-based computer security expert Ibrahim Balic gave Apple a heads-up about a vulnerability he had discovered in iCloud, but the company discounted the severity of the issue and ignore the problem for six months.

Apple on Thursday released an update to its desktop Safari browser for Macs running OS X Mavericks which contains improvements to compatibility and security while introducing a pair of new options for strengthening your privacy when searching.

The first such feature turns on SSL encryption for all Yahoo searches conducted from Safari’s search field. As a result, no one can eavesdrop on what you’re searching for online.

Apple this evening launched a new privacy site in an effort to increase transparency on how it protects user data, and to educate users on how they can better protect themselves. Additionally, Tim Cook has posted an open letter to Apple Customers detailing the various sections of the new site, as well as Apple’s stance on user privacy.

The move follows recent bad publicity for Apple, in which its laxed iCloud security measures were blamed for the hacking of high profile celebrity accounts, which resulted in a slew of nude photos being leaked. The company maintains that its servers were never breached, but Tim Cook promised to double down on security anyway.